When iOS 16, iPadOS 16, and macOS Ventura launch later this year, they will introduce a new feature called Lockdown Mode, which will heavily restrict communications to thwart spyware. Apple has accused groups like NSO and RCS Lab of developing spyware used in recent targeted political cyberattacks. When engaged, Lockdown Mode will block features to harden security on Apple devices. The Messages app will disable link previews and block most attachments other than images. Web browsers will disable features like just-in-time (JIT) JavaScript compilation on all sites except those that users whitelist. The feature will also block FaceTime calls and other communication requests from numbers a user has never called. Wired connections won’t work while a device is locked, users can’t install configuration profiles, and they can’t enroll a device into mobile device management. Apple will eventually add other protections to Lockdown Mode.
The Cupertino company will offer increased bounties for finding Lockdown Mode exploits, with a $2 million maximum to entice security researchers to quickly notify it of any flaws in the system. Additionally, Apple is starting a $10 million grant to support groups fighting targeted cyberattacks. Any damages Apple gets from its suit against the NSO Group will contribute to the fund. In November, Apple filed a suit against NSO and its parent company, accusing it of developing spyware that leveraged iOS exploits to target iPhones at the behest of state entities. A month later, NSO’s Pegasus spyware ended up on the iPhones of US diplomats in Uganda. Then in June, reports described a similar group, RCS Lab, which also developed spyware that governments use to target specific Android and iOS devices. Apple says it designed Lockdown Mode for the small portion of its user base that might come under this type of surveillance.